Verizon expands network-as-a-service with VMware SD-WAN
If enterprise apps are going into the cloud, someone needs to provide the extra plumbing
MWC Verizon Business is adding VMware's software-defined WAN (SD-WAN) offering to a lineup of managed services, the latest move by a major carrier to address the demand for more streamlined networking and security capabilities by increasingly distributed and cloud-centric enterprises.
Verizon made the announcement this week at the Mobile World Conference event in Barcelona, giving the telco another service that organizations can use as data and applications continue to move out of centralized data centers and into the cloud and network edge.
The partnership with VMware – Verizon has similar tie-ups with the likes of Cisco Systems, Fortinet, and Versa Networks – comes as the SD-WAN space expands rapidly and the technology plays a foundational role in the emerging secure access service edge (SASE) space, which essentially combines SD-WAN and hybrid connectivity with a range of network security functions, including zero-trust network access (ZTNA), secure web gateways, cloud access security brokers (CASBs) and firewall-as-a-service (FWaaS) delivered as a cloud service.
"SD WAN offers the optimal performance in connecting to applications that are in or migrating to the cloud," Massimo Peselli, Verizon's senior vice president of global enterprise, told The Register. "Enterprises continue to migrate greater numbers of their applications to the cloud, so it's unsurprising that SD-WAN's growth matches the increased need for public internet to access those applications."
Peselli said that a few years ago, Verizon "started combining network and security services in the cloud, and SASE represents this convergence."
- VMware's stack heads to Arm architecture – out on its new two-faced edge
- It's time to decentralize the internet, again: What was distributed is now centralized by Google, Facebook, etc
- Cisco takes small steps towards IT-as-a-service, more software-defined networking
For several years, SD-WAN has been the fastest-growing segment of the larger global software-defined networking (SDN) space, although, as a report from analysts at Dell'Oro Group noted, the COVID-19 pandemic temporarily slowed the market's expansion in 2020. The analysts expect the SD-WAN market will grow an average of 24 per cent a year over the next four years, blowing past $4bn in 2025.
At the same time, the pandemic accelerated interest in SASE as security took center stage for companies with suddenly remote workforces, according to a report last year by Versa.
"For the very reasons why enterprises started adopting SD-WAN – which was distributed users, movement and increased adoption of cloud applications – it's these same fundamental reasons for which SASE exists," Abe Ankumah, vice president of product for VMware, told The Register. "SASE is the convergence of cloud-delivered networking and cloud-delivered security. If you think about SD-WAN as the fundamental networking component to SASE, secure service edge as the security tool."
Verizon's VMware-based SD-WAN service – which is part of its larger network-as-a-service (NaaS) strategy – will include centralized orchestration through VMware's Orchestrator platform, which includes policy, monitoring, reporting and analytics through the Verizon Enterprise Center. In addition, the service will involve VMware's gateways, which are points of presence (PoPs) located around the world to improve latency and control plane traffic for enterprise edge devices.
Verizon also will leverage VMware's SD-WAN Edge devices, which are housed on-premises and programs the orchestrators to enable those devices to help with SD-WAN application routing.
Ankumah said that for now, Verizon is focusing on VMware's SD-WAN capabilities to deliver its services but expects that like what has happened with other carrier partners, eventually it will incorporate components of VMware's SASE offerings.
Verizon already offers SASE capabilities via partnerships with Versa and Zscaler and other carriers are doing the same. Comcast is partnering with Versa to offer managed SASE services for large and midsize enterprises and last fall completed its acquisition of Masergy, which gave it a SD-WAN service for similar sized organizations to complement the service its partnership with Versa gave to smaller businesses.
Similarly, AT&T also is working with Fortinet for networking and security services and with Palo Alto Networks. The carrier merged Palo Alto's Prisma Access and Prisma SD-WAN offerings to create a single SASE service platform.
We are meeting the needs of our global enterprise customers, who require more flexibility and agility as they migrate to the cloud
"By increasing our ecosystem of SD-WAN partners, we are meeting the needs of our global enterprise customers, who require more flexibility and agility as they migrate to the cloud," Verizon's Peselli said.
As the network has become the connectivity tissue in a rapidly decentralizing world, network vendors also are adding more security capabilities to protect the applications and data running through them from the data center to the cloud and the edge.
Ankumah said VMware has for years been marrying security and networking, such as including a firewall in its SD-WAN appliance. Over the last 18 months, the company has invested to bring more security capabilities to its networking products.
"What historically has been a disaggregated notion of different components – I get my networking from here, I get my security from this other vendor – with this whole notion of again an increasingly distributed workforce and increasing adoption of applications being consumed and being cloud-first, what we're seeing is a movement towards converging these functions," he said.
In addition, Ankumah also expects that as the markets for SD-WAN and SASE evolve, carriers like Verizon, AT&T and Comcast will consolidate the services they offer enterprises and settle on one or two SD-WAN and SASE partners.
"We expect over time these partners, like Verizon and AT&T, to standardize on a couple of vendors," he said. "Customers are consuming SASE and it seems like a Verizon, who are doing SASE, are doing it with a couple of different vendors. We expect that to evolve and change as the different solutions in SASE mature. Right now … partners have at least two providers – or sometimes three – deliver on the SASE. But we're going to see that in the next 18 months to 24 months become a bit more consolidated." ®
- Black Hat
- Black Hole
- Common Vulnerability Scoring System
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Breach
- Data Protection
- Data Theft
- Digital certificate
- Identity Theft
- Kenna Security
- Network switch
- Palo Alto Networks
- Radio Access Network
- Streaming video
- Submarine cable
- Systems Approach
- Trusted Platform Module
- World Wide Web
- Zero trust